directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From erodrig...@apache.org
Subject svn commit: rev 47650 - in incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/io: . decoder
Date Fri, 01 Oct 2004 15:40:53 GMT
Author: erodriguez
Date: Fri Oct  1 08:40:52 2004
New Revision: 47650

Added:
   incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/io/
   incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/io/decoder/
   incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/io/decoder/ApplicationRequestDecoder.java
   incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/io/decoder/AuthenticatorDecoder.java
   incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/io/decoder/AuthorizationDataDecoder.java
   incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/io/decoder/EncTicketPartDecoder.java
   incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/io/decoder/KdcRequestDecoder.java
   incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/io/decoder/KerberosMessageDecoder.java
Log:
Kerberos ASN.1 DER decoders

Added: incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/io/decoder/ApplicationRequestDecoder.java
==============================================================================
--- (empty file)
+++ incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/io/decoder/ApplicationRequestDecoder.java
Fri Oct  1 08:40:52 2004
@@ -0,0 +1,87 @@
+/*
+ *   Copyright 2004 The Apache Software Foundation
+ *
+ *   Licensed under the Apache License, Version 2.0 (the "License");
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ *
+ */
+package org.apache.kerberos.io.decoder;
+
+import org.apache.kerberos.messages.*;
+import org.apache.kerberos.messages.value.*;
+import org.bouncycastle.asn1.*;
+
+import java.io.*;
+import java.util.*;
+
+public class ApplicationRequestDecoder extends KerberosMessageDecoder {
+	
+	public ApplicationRequest decode(byte[] encodedAuthHeader) throws IOException {
+		
+		ByteArrayInputStream bais = new ByteArrayInputStream(encodedAuthHeader);
+		ASN1InputStream ais = new ASN1InputStream(bais);
+
+		DERApplicationSpecific app = (DERApplicationSpecific) ais.readObject();
+		
+		DERSequence apreq = (DERSequence) app.getObject();
+		return decodeApplicationRequestSequence(apreq);
+	}
+	
+	/*
+        AP-REQ ::=      [APPLICATION 14] SEQUENCE {
+        pvno[0]                       INTEGER,
+        msg-type[1]                   INTEGER,
+
+        ap-options[2]                 APOptions,
+        ticket[3]                     Ticket,
+        authenticator[4]              EncryptedData
+        }
+    */
+	private ApplicationRequest decodeApplicationRequestSequence(DERSequence sequence) throws
IOException {
+		
+		ApplicationRequest authHeader = new ApplicationRequest();
+		
+		for (Enumeration e = sequence.getObjects(); e.hasMoreElements();) {
+			DERTaggedObject object = ((DERTaggedObject) e.nextElement());
+			int tag = object.getTagNo();
+			DERObject derObject = object.getObject();
+			System.out.println(tag);
+			switch (tag) {
+				case 0:
+					DERInteger tag0 = (DERInteger) derObject;
+					authHeader.setProtocolVersionNumber(tag0.getValue().intValue());
+					break;
+				case 1:
+					DERInteger tag1 = (DERInteger) derObject;
+					authHeader.setMessageType(MessageType.getTypeByOrdinal(tag1.getValue().intValue()));
+					break;
+				case 2:
+					DERBitString apOptions = (DERBitString)derObject;
+					authHeader.setApOptions(new ApOptions(apOptions.getBytes()));
+					break;
+				case 3:
+					DERApplicationSpecific tag3 = (DERApplicationSpecific)derObject;
+					authHeader.setTicket(decodeTicket(tag3));
+					break;
+				case 4:
+					DERSequence tag4 = (DERSequence)derObject;
+					authHeader.setEncPart(decodeEncryptedData(tag4));
+					break;
+			    default:
+			    	System.out.println(derObject);
+			    	break;
+			}
+		}
+		return authHeader;
+	}
+}
+

Added: incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/io/decoder/AuthenticatorDecoder.java
==============================================================================
--- (empty file)
+++ incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/io/decoder/AuthenticatorDecoder.java
Fri Oct  1 08:40:52 2004
@@ -0,0 +1,38 @@
+/*
+ *   Copyright 2004 The Apache Software Foundation
+ *
+ *   Licensed under the Apache License, Version 2.0 (the "License");
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ *
+ */
+package org.apache.kerberos.io.decoder;
+
+import org.apache.kerberos.messages.components.*;
+import org.bouncycastle.asn1.*;
+
+import java.io.*;
+
+public class AuthenticatorDecoder extends KerberosMessageDecoder {
+	
+	public Authenticator decode(byte[] encodedAuthenticator) throws IOException {
+		
+		ByteArrayInputStream bais = new ByteArrayInputStream(encodedAuthenticator);
+		ASN1InputStream ais = new ASN1InputStream(bais);
+		
+		DERApplicationSpecific app = (DERApplicationSpecific) ais.readObject();
+		
+		DERSequence sequence = (DERSequence) app.getObject();
+		
+		return decodeAuthenticator(sequence);
+	}
+}
+

Added: incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/io/decoder/AuthorizationDataDecoder.java
==============================================================================
--- (empty file)
+++ incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/io/decoder/AuthorizationDataDecoder.java
Fri Oct  1 08:40:52 2004
@@ -0,0 +1,36 @@
+/*
+ *   Copyright 2004 The Apache Software Foundation
+ *
+ *   Licensed under the Apache License, Version 2.0 (the "License");
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ *
+ */
+package org.apache.kerberos.io.decoder;
+
+import org.apache.kerberos.messages.value.*;
+import org.bouncycastle.asn1.*;
+
+import java.io.*;
+
+public class AuthorizationDataDecoder extends KerberosMessageDecoder {
+	
+	public AuthorizationData decode(byte[] encodedAuthData) throws IOException {
+		
+		ByteArrayInputStream bais = new ByteArrayInputStream(encodedAuthData);
+		ASN1InputStream ais = new ASN1InputStream(bais);
+
+		DERSequence sequence = (DERSequence) ais.readObject();
+		
+		return decodeAuthorizationData(sequence);
+	}
+}
+

Added: incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/io/decoder/EncTicketPartDecoder.java
==============================================================================
--- (empty file)
+++ incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/io/decoder/EncTicketPartDecoder.java
Fri Oct  1 08:40:52 2004
@@ -0,0 +1,118 @@
+/*
+ *   Copyright 2004 The Apache Software Foundation
+ *
+ *   Licensed under the Apache License, Version 2.0 (the "License");
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ *
+ */
+package org.apache.kerberos.io.decoder;
+
+import org.apache.kerberos.messages.components.*;
+import org.apache.kerberos.messages.value.*;
+import org.bouncycastle.asn1.*;
+
+import java.io.*;
+import java.util.*;
+
+public class EncTicketPartDecoder extends KerberosMessageDecoder {
+	
+	public EncTicketPart decode(byte[] encodedTicket) throws IOException {
+		
+		ByteArrayInputStream bais = new ByteArrayInputStream(encodedTicket);
+		ASN1InputStream ais = new ASN1InputStream(bais);
+		
+		DERApplicationSpecific app = (DERApplicationSpecific) ais.readObject();
+		
+		DERSequence sequence = (DERSequence) app.getObject();
+		
+		return decodeEncTicketPartSequence(sequence);
+		
+	}
+	
+	/*
+	-- Encrypted part of ticket
+	EncTicketPart ::=     [APPLICATION 3] SEQUENCE {
+	                      flags[0]             TicketFlags,
+	                      key[1]               EncryptionKey,
+	                      crealm[2]            Realm,
+	                      cname[3]             PrincipalName,
+	                      transited[4]         TransitedEncoding,
+	                      authtime[5]          KerberosTime,
+	                      starttime[6]         KerberosTime OPTIONAL,
+	                      endtime[7]           KerberosTime,
+	                      renew-till[8]        KerberosTime OPTIONAL,
+	                      caddr[9]             HostAddresses OPTIONAL,
+	                      authorization-data[10]   AuthorizationData OPTIONAL
+	}*/
+	private EncTicketPart decodeEncTicketPartSequence(DERSequence sequence) {
+		
+		EncTicketPart encPart = new EncTicketPart();
+		
+		for (Enumeration e = sequence.getObjects(); e.hasMoreElements();) {
+			DERTaggedObject object = ((DERTaggedObject) e.nextElement());
+			int tag = object.getTagNo();
+			DERObject derObject = object.getObject();
+			System.out.println(tag);
+			switch (tag) {
+				case 0:
+					DERBitString tag0 = (DERBitString)derObject;
+					encPart.setFlags(new TicketFlags(tag0.getBytes()));
+					break;
+				case 1:
+					DERSequence tag1 = (DERSequence) derObject;
+					encPart.setSessionKey(decodeEncryptionKey(tag1));
+					break;
+				case 2:
+					DERGeneralString tag2 = (DERGeneralString)derObject;
+					encPart.setClientRealm(new Realm(tag2.getString()));
+					break;
+				case 3:
+					DERSequence tag3 = (DERSequence)derObject;
+					encPart.setClientName(decodePrincipalName(tag3));
+					break;
+				case 4:
+					DERSequence tag4 = (DERSequence)derObject;
+					encPart.setTransitedEncoding(decodeTransitedEncoding(tag4));
+					break;
+				case 5:
+					DERGeneralizedTime tag5 = (DERGeneralizedTime)derObject;
+					encPart.setAuthtime(decodeKerberosTime(tag5));
+					break;
+				case 6:
+					DERGeneralizedTime tag6 = (DERGeneralizedTime)derObject;
+					encPart.setStartTime(decodeKerberosTime(tag6));
+					break;
+				case 7:
+					DERGeneralizedTime tag7 = (DERGeneralizedTime)derObject;
+					encPart.setEndTime(decodeKerberosTime(tag7));
+					break;
+				case 8:
+					DERGeneralizedTime tag8 = (DERGeneralizedTime)derObject;
+					encPart.setRenewTill(decodeKerberosTime(tag8));
+					break;
+				case 9:
+					DERSequence tag9 = (DERSequence)derObject;
+					encPart.setClientAddresses(decodeHostAddresses(tag9));
+					break;
+				case 10:
+					DERSequence tag10 = (DERSequence)derObject;
+					encPart.setAuthorizationData(decodeAuthorizationData(tag10));
+					break;
+			    default:
+			    	System.out.println(derObject);
+			    	break;
+			}
+		}
+		return encPart;
+	}
+}
+

Added: incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/io/decoder/KdcRequestDecoder.java
==============================================================================
--- (empty file)
+++ incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/io/decoder/KdcRequestDecoder.java
Fri Oct  1 08:40:52 2004
@@ -0,0 +1,227 @@
+/*
+ *   Copyright 2004 The Apache Software Foundation
+ *
+ *   Licensed under the Apache License, Version 2.0 (the "License");
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ *
+ */
+package org.apache.kerberos.io.decoder;
+
+import org.apache.kerberos.messages.*;
+import org.apache.kerberos.messages.components.*;
+import org.apache.kerberos.messages.value.*;
+import org.bouncycastle.asn1.*;
+
+import java.io.*;
+import java.util.*;
+
+public class KdcRequestDecoder extends KerberosMessageDecoder {
+
+	public KdcRequest decode(InputStream is) throws IOException {
+		
+		ASN1InputStream ais = new ASN1InputStream(is);
+		
+		DERApplicationSpecific app = (DERApplicationSpecific) ais.readObject();
+		
+		DERSequence kdcreq = (DERSequence) app.getObject();
+		return decodeKdcRequestSequence(kdcreq);
+	}
+	
+	/*
+	AS-REQ ::=         [APPLICATION 10] KDC-REQ
+	TGS-REQ ::=        [APPLICATION 12] KDC-REQ
+	
+	KDC-REQ ::=        SEQUENCE {
+	           pvno[1]               INTEGER,
+	           msg-type[2]           INTEGER,
+	           padata[3]             SEQUENCE OF PA-DATA OPTIONAL,
+	           req-body[4]           KDC-REQ-BODY
+	}*/
+	private KdcRequest decodeKdcRequestSequence(DERSequence sequence) throws IOException {
+		
+		int pvno = 5;
+		MessageType msgType = MessageType.NULL;
+		
+		PreAuthenticationData[] paData = null;
+		KdcReqBody reqBody = null;
+		
+		for (Enumeration e = sequence.getObjects(); e.hasMoreElements();) {
+			DERTaggedObject object = ((DERTaggedObject) e.nextElement());
+			int tag = object.getTagNo();
+			DERObject derObject = object.getObject();
+			System.out.println(tag);
+			switch (tag) {
+				case 1:
+					DERInteger tag1 = (DERInteger)derObject;
+					pvno = tag1.getValue().intValue();
+					break;
+				case 2:
+					DERInteger tag2 = (DERInteger)derObject;
+					msgType = MessageType.getTypeByOrdinal(tag2.getValue().intValue());
+					break;
+				case 3:
+					DERSequence tag3 = (DERSequence)derObject;
+					paData = decodePaData(tag3);
+					break;
+				case 4:
+					DERSequence tag4 = (DERSequence)derObject;
+					reqBody = decodeKdcRequestBody(tag4);
+					break;
+			    default:
+			    	System.out.println(derObject);
+			    	break;
+			}
+		}
+		
+		return new KdcRequest(pvno, msgType, paData, reqBody);
+	}
+
+	/*
+	PA-DATA ::=        SEQUENCE {
+	           padata-type[1]        INTEGER,
+	           padata-value[2]       OCTET STRING,
+	                         -- might be encoded AP-REQ
+	}*/
+	private PreAuthenticationData[] decodePaData(DERSequence sequence) {
+
+		PreAuthenticationData[] paDataSequence = new PreAuthenticationData[2];
+		int i = 0;
+
+		for (Enumeration e = sequence.getObjects(); e.hasMoreElements();) {
+			DERSequence pa = (DERSequence) e.nextElement();
+			
+			paDataSequence[i] = new PreAuthenticationData();
+			
+			for (Enumeration e2 = pa.getObjects(); e2.hasMoreElements();) {
+				DERTaggedObject object = ((DERTaggedObject) e2.nextElement());
+				int tag = object.getTagNo();
+				DERObject derObject = object.getObject();
+				System.out.println(tag);
+				switch (tag) {
+					case 1:
+						DERInteger padataType = (DERInteger) derObject;
+						paDataSequence[i].setDataType(padataType.getValue().intValue());
+						break;
+					case 2:
+						DEROctetString padataValue = (DEROctetString) derObject;
+						paDataSequence[i].setDataValue(padataValue.getOctets());
+						break;
+					default:
+						System.out.println(derObject);
+						break;
+				}
+			}
+			
+			i++;
+		}
+		return paDataSequence;
+	}
+
+	/*
+	KDC-REQ-BODY ::=   SEQUENCE {
+	            kdc-options[0]       KdcOptions,
+	            cname[1]             PrincipalName OPTIONAL,
+	                         -- Used only in AS-REQ
+	            realm[2]             Realm, -- Server's realm
+	                         -- Also client's in AS-REQ
+	            sname[3]             PrincipalName OPTIONAL,
+	            from[4]              KerberosTime OPTIONAL,
+	            till[5]              KerberosTime,
+	            rtime[6]             KerberosTime OPTIONAL,
+	            nonce[7]             INTEGER,
+	            etype[8]             SEQUENCE OF INTEGER, -- EncryptionEngine,
+	                         -- in preference order
+	            addresses[9]         HostAddresses OPTIONAL,
+	            enc-authorization-data[10]   EncryptedData OPTIONAL,
+	                         -- Encrypted AuthorizationData encoding
+	            additional-tickets[11]       SEQUENCE OF Ticket OPTIONAL
+	}*/
+	private KdcReqBody decodeKdcRequestBody(DERSequence sequence) throws IOException {
+		
+		KdcReqBody reqBody = new KdcReqBody();
+		
+		for (Enumeration e = sequence.getObjects(); e.hasMoreElements();) {
+			DERTaggedObject object = ((DERTaggedObject) e.nextElement());
+			int tag = object.getTagNo();
+			DERObject derObject = object.getObject();
+			System.out.println(tag);
+			switch (tag) {
+				case 0:
+					DERBitString kdcOptions = (DERBitString)derObject;
+					reqBody.setKdcOptions(new KdcOptions(kdcOptions.getBytes()));
+					break;
+				case 1:
+					DERSequence cName = (DERSequence)derObject;
+					reqBody.setCname(decodePrincipalName(cName));
+					break;
+				case 2:
+					DERGeneralString realm = (DERGeneralString)derObject;
+					reqBody.setRealm(new Realm(realm.getString()));
+					break;
+				case 3:
+					DERSequence sname = (DERSequence)derObject;
+					reqBody.setSname(decodePrincipalName(sname));
+					break;
+				case 4:
+					DERGeneralizedTime from = (DERGeneralizedTime)derObject;
+					reqBody.setFrom(decodeKerberosTime(from));
+					break;
+				case 5:
+					DERGeneralizedTime till = (DERGeneralizedTime)derObject;
+					reqBody.setTill(decodeKerberosTime(till));
+					break;
+				case 6:
+					DERGeneralizedTime rtime = (DERGeneralizedTime)derObject;
+					reqBody.setRtime(decodeKerberosTime(rtime));
+					break;
+				case 7:
+					DERInteger nonce = (DERInteger)derObject;
+					reqBody.setNonce(nonce.getValue().intValue());
+					break;
+				case 8:
+					DERSequence etype = (DERSequence)derObject;
+					reqBody.setEType(decodeEncryptionType(etype));
+					break;
+				case 9:
+					DERSequence hostAddresses = (DERSequence)derObject;
+					reqBody.setAddresses(decodeHostAddresses(hostAddresses));
+					break;
+				case 10:
+					DERSequence encryptedData = (DERSequence)derObject;
+					reqBody.setEncAuthorizationData(decodeEncryptedData(encryptedData));
+					break;
+				case 11:
+					DERSequence tag11 = (DERSequence)derObject;
+					reqBody.setAdditionalTickets(decodeTickets(tag11));
+					break;
+			    default:
+			    	System.out.println("****** " + object.getObject());
+			    	break;
+			}
+		}
+		
+		return reqBody;
+	}
+	
+	protected Ticket[] decodeTickets(DERSequence sequence) throws IOException {
+		
+		Ticket[] tickets = new Ticket[sequence.size()];
+		
+		int i = 0;
+		for (Enumeration e = sequence.getObjects(); e.hasMoreElements();) {
+			DERApplicationSpecific object = ((DERApplicationSpecific) e.nextElement());
+			tickets[i] = decodeTicket(object);
+		}
+		return tickets;
+	}
+}
+

Added: incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/io/decoder/KerberosMessageDecoder.java
==============================================================================
--- (empty file)
+++ incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/io/decoder/KerberosMessageDecoder.java
Fri Oct  1 08:40:52 2004
@@ -0,0 +1,444 @@
+/*
+ *   Copyright 2004 The Apache Software Foundation
+ *
+ *   Licensed under the Apache License, Version 2.0 (the "License");
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ *
+ */
+package org.apache.kerberos.io.decoder;
+
+import org.apache.kerberos.crypto.checksum.*;
+import org.apache.kerberos.crypto.encryption.*;
+import org.apache.kerberos.messages.components.*;
+import org.apache.kerberos.messages.value.*;
+import org.bouncycastle.asn1.*;
+
+import java.io.*;
+import java.text.*;
+import java.util.*;
+
+public abstract class KerberosMessageDecoder {
+	
+	/*
+	Ticket ::=                    [APPLICATION 1] SEQUENCE {
+        tkt-vno[0]                   INTEGER,
+        realm[1]                     Realm,
+        sname[2]                     PrincipalName,
+        enc-part[3]                  EncryptedData
+    }*/
+	protected Ticket decodeTicket(DERApplicationSpecific app) throws IOException{
+		
+		DERSequence sequence = (DERSequence) app.getObject();
+		
+		Ticket ticket = new Ticket();
+		
+		for (Enumeration e = sequence.getObjects(); e.hasMoreElements();) {
+			DERTaggedObject object = ((DERTaggedObject) e.nextElement());
+			int tag = object.getTagNo();
+			DERObject derObject = object.getObject();
+			System.out.println(tag + " " + derObject);
+			switch (tag) {
+				case 0:
+					DERInteger etype = (DERInteger)derObject;
+					ticket.setTicketVersionNumber(etype.getValue().intValue());
+					break;
+				case 1:
+					DERGeneralString tag1 = (DERGeneralString)derObject;
+					ticket.setRealm(new Realm(tag1.getString()));
+					break;
+				case 2:
+					DERSequence tag2 = (DERSequence)derObject;
+					ticket.setServerName(decodePrincipalName(tag2));
+					break;
+				case 3:
+					DERSequence tag3 = (DERSequence)derObject;
+					ticket.setEncPart(decodeEncryptedData(tag3));
+					break;
+			    default:
+			    	System.out.println(object.getObject());
+			    	break;
+			}
+		}
+		return ticket;
+	}
+	
+	/*
+	EncryptedData ::=   SEQUENCE {
+	            etype[0]     INTEGER, -- EncryptionEngine
+	            kvno[1]      INTEGER OPTIONAL,
+	            cipher[2]    OCTET STRING -- ciphertext
+	}*/
+	protected EncryptedData decodeEncryptedData(DERSequence sequence) {
+		
+		EncryptedData data = new EncryptedData();
+		
+		for (Enumeration e = sequence.getObjects(); e.hasMoreElements();) {
+			DERTaggedObject object = ((DERTaggedObject) e.nextElement());
+			int tag = object.getTagNo();
+			DERObject derObject = object.getObject();
+			System.out.println(tag + " " + derObject);
+			switch (tag) {
+				case 0:
+					DERInteger etype = (DERInteger)derObject;
+					data.setEncryptionType(EncryptionType.getTypeByOrdinal(etype.getValue().intValue()));
+					break;
+				case 1:
+					DERInteger kvno = (DERInteger)derObject;
+					data.setKeyVersion(kvno.getValue().intValue());
+					break;
+				case 2:
+					DEROctetString cipher = (DEROctetString)derObject;
+					data.setCipherText(cipher.getOctets());
+					break;
+			    default:
+			    	System.out.println(object.getObject());
+			    	break;
+			}
+		}
+		return data;
+	}
+	
+	/*
+	PrincipalName ::=   SEQUENCE {
+	              name-type[0]     INTEGER,
+	              name-string[1]   SEQUENCE OF GeneralString
+	}*/
+	protected PrincipalName decodePrincipalName(DERSequence sequence) {
+		
+		PrincipalName name = new PrincipalName();
+		
+		for (Enumeration e = sequence.getObjects(); e.hasMoreElements();) {
+			DERTaggedObject object = ((DERTaggedObject) e.nextElement());
+			int tag = object.getTagNo();
+			DERObject derObject = object.getObject();
+			System.out.println(tag);
+			switch (tag) {
+				case 0:
+					DERInteger nameType = (DERInteger)derObject;
+					name.setNameType(nameType.getValue().intValue());
+					break;
+				case 1:
+					DERSequence nameString = (DERSequence)derObject;
+					decodeNameString(nameString, name);
+					break;
+			    default:
+			    	System.out.println(derObject);
+			    	break;
+			}
+		}
+		return name;
+	}
+	
+	private void decodeNameString(DERSequence sequence, PrincipalName name) {
+		for (Enumeration e = sequence.getObjects(); e.hasMoreElements();) {
+			DERGeneralString object = ((DERGeneralString) e.nextElement());
+			name.addName(object.getString());
+		}
+	}
+	
+	/*
+	KerberosTime ::=   GeneralizedTime
+	            -- Specifying UTC time zone (Z)
+	*/
+	protected KerberosTime decodeKerberosTime(DERGeneralizedTime time) {
+		Date date = null;
+		try {
+			date = time.getDate();
+		} catch (ParseException pe) {
+			pe.printStackTrace();
+		}
+		return new KerberosTime(date);
+	}
+	
+	/*
+    etype[8]             SEQUENCE OF INTEGER, -- EncryptionEngine,
+                -- in preference order
+    */
+	protected EncryptionType[] decodeEncryptionType(DERSequence sequence) {
+		
+		EncryptionType[] eTypes = new EncryptionType[sequence.size()];
+		int i = 0;
+		
+		for (Enumeration e = sequence.getObjects(); e.hasMoreElements();) {
+			DERInteger object = ((DERInteger) e.nextElement());
+			eTypes[i] = EncryptionType.getTypeByOrdinal(object.getValue().intValue());
+			i++;
+		}
+		return eTypes;
+	}
+	
+	/*
+	 HostAddress ::=     SEQUENCE  {
+                        addr-type[0]             INTEGER,
+                        address[1]               OCTET STRING
+    }*/
+	protected HostAddress decodeHostAddress(DERSequence sequence) {
+		
+		int type = 0;
+		byte[] value = new byte[0];
+		
+		for (Enumeration e = sequence.getObjects(); e.hasMoreElements();) {
+			DERTaggedObject object = ((DERTaggedObject) e.nextElement());
+			int tag = object.getTagNo();
+			DERObject derObject = object.getObject();
+			System.out.println(tag);
+			switch (tag) {
+				case 0:
+					DERInteger addressType = (DERInteger)derObject;
+					type = addressType.getValue().intValue();
+					break;
+				case 1:
+					DEROctetString address = (DEROctetString)derObject;
+					value = address.getOctets();
+					break;
+			    default:
+			    	System.out.println(derObject);
+			    	break;
+			}
+		}
+		return new HostAddress(type, value);
+	}
+	
+	/*
+	HostAddresses ::=   SEQUENCE OF SEQUENCE {
+	                    addr-type[0]             INTEGER,
+	                    address[1]               OCTET STRING
+	}*/
+	protected HostAddresses decodeHostAddresses(DERSequence sequence) {
+		
+		HostAddress[] addresses = new HostAddress[sequence.size()];
+		int i = 0;
+		for (Enumeration e = sequence.getObjects(); e.hasMoreElements();) {
+			DERSequence object = ((DERSequence) e.nextElement());
+			HostAddress address = decodeHostAddress(object);
+			addresses[i] = address;
+			i++;
+		}
+		return new HostAddresses(addresses);
+	}
+	
+	/*
+	Checksum ::=   SEQUENCE {
+             cksumtype[0]   INTEGER,
+             checksum[1]    OCTET STRING
+    }
+	*/
+	protected Checksum decodeChecksum(DERSequence sequence) {
+		ChecksumType type = ChecksumType.NULL;
+		byte[] data = null;
+		
+		for (Enumeration e = sequence.getObjects(); e.hasMoreElements();) {
+			DERTaggedObject object = ((DERTaggedObject) e.nextElement());
+			int tag = object.getTagNo();
+			DERObject derObject = object.getObject();
+			System.out.println(tag);
+			switch (tag) {
+				case 0:
+					DERInteger tag0 = (DERInteger)derObject;
+					type = ChecksumType.getTypeByOrdinal(tag0.getValue().intValue());
+					break;
+				case 1:
+					DEROctetString tag1 = (DEROctetString)derObject;
+					data = tag1.getOctets();
+					break;
+			    default:
+			    	System.out.println(derObject);
+			    	break;
+			}
+		}
+		return new Checksum(type, data);
+	}
+	
+	/*
+    EncryptionKey ::=   SEQUENCE {
+        keytype[0]    INTEGER,
+        keyvalue[1]   OCTET STRING
+    }*/
+	protected EncryptionKey decodeEncryptionKey(DERSequence sequence) {
+		EncryptionType type = EncryptionType.NULL;
+		byte[] data = null;
+		
+		for (Enumeration e = sequence.getObjects(); e.hasMoreElements();) {
+			DERTaggedObject object = ((DERTaggedObject) e.nextElement());
+			int tag = object.getTagNo();
+			DERObject derObject = object.getObject();
+			System.out.println(tag);
+			switch (tag) {
+				case 0:
+					DERInteger tag0 = (DERInteger)derObject;
+					type = EncryptionType.getTypeByOrdinal(tag0.getValue().intValue());
+					break;
+				case 1:
+					DEROctetString tag1 = (DEROctetString)derObject;
+					data = tag1.getOctets();
+					break;
+			    default:
+			    	System.out.println(derObject);
+			    	break;
+			}
+		}
+		return new EncryptionKey(type, data);
+	}
+	
+	/*
+	LastReq ::=   SEQUENCE OF SEQUENCE {
+	lr-type[0]               INTEGER,
+	lr-value[1]              KerberosTime
+	}*/
+	protected void decodeLastRequest() {};
+	
+	/*
+	TransitedEncoding ::=         SEQUENCE {
+        tr-type[0]  INTEGER, -- must be registered
+        contents[1]          OCTET STRING
+    }*/
+	protected TransitedEncoding decodeTransitedEncoding(DERSequence sequence) {
+		int type = 0;
+		byte[] contents = null;
+
+		for (Enumeration e = sequence.getObjects(); e.hasMoreElements();) {
+			DERTaggedObject object = ((DERTaggedObject) e.nextElement());
+			int tag = object.getTagNo();
+			DERObject derObject = object.getObject();
+			System.out.println(tag);
+			switch (tag) {
+				case 0:
+					DERInteger tag0 = (DERInteger) derObject;
+					type = tag0.getValue().intValue();
+					break;
+				case 1:
+					DEROctetString tag1 = (DEROctetString) derObject;
+					contents = tag1.getOctets();
+					break;
+				default:
+					System.out.println(derObject);
+					break;
+			}
+		}
+		return new TransitedEncoding(type, contents);
+	}
+	
+	/*
+	AuthorizationData ::=   SEQUENCE OF SEQUENCE {
+        ad-type[0]               INTEGER,
+        ad-data[1]               OCTET STRING
+    }*/
+	protected AuthorizationData decodeAuthorizationData(DERSequence sequence) {
+		
+		AuthorizationData authData = new AuthorizationData();
+		
+		for (Enumeration e = sequence.getObjects(); e.hasMoreElements();) {
+			DERSequence object = ((DERSequence) e.nextElement());
+			AuthorizationDataEntry entry = decodeAuthorizationEntry(object);
+			authData.add(entry);
+		}
+		
+		return authData;
+	}
+	
+	protected AuthorizationDataEntry decodeAuthorizationEntry(DERSequence sequence) {
+		
+		int type = 0;
+		byte[] data = null;
+		
+		for (Enumeration e = sequence.getObjects(); e.hasMoreElements();) {
+			DERTaggedObject object = ((DERTaggedObject) e.nextElement());
+			int tag = object.getTagNo();
+			DERObject derObject = object.getObject();
+			System.out.println(tag);
+			switch (tag) {
+				case 0:
+					DERInteger tag0 = (DERInteger)derObject;
+					type = tag0.getValue().intValue();
+					break;
+				case 1:
+					DEROctetString tag1 = (DEROctetString)derObject;
+					data = tag1.getOctets();
+					break;
+			    default:
+			    	System.out.println(derObject);
+			    	break;
+			}
+		}
+		return new AuthorizationDataEntry(type, data);
+	}
+	
+	/*
+	-- Unencrypted authenticator
+	Authenticator ::=    [APPLICATION 2] SEQUENCE    {
+	               authenticator-vno[0]          INTEGER,
+	               crealm[1]                     Realm,
+	               cname[2]                      PrincipalName,
+	               cksum[3]                      Checksum OPTIONAL,
+	               cusec[4]                      INTEGER,
+	               ctime[5]                      KerberosTime,
+	               subkey[6]                     EncryptionKey OPTIONAL,
+	               seq-number[7]                 INTEGER OPTIONAL,
+
+	               authorization-data[8]         AuthorizationData OPTIONAL
+	}
+	*/
+	protected Authenticator decodeAuthenticator(DERSequence sequence) {
+		
+		Authenticator auth = new Authenticator();
+		
+		for (Enumeration e = sequence.getObjects(); e.hasMoreElements();) {
+			DERTaggedObject object = ((DERTaggedObject) e.nextElement());
+			int tag = object.getTagNo();
+			DERObject derObject = object.getObject();
+			System.out.println(tag);
+			switch (tag) {
+				case 0:
+					DERInteger tag0 = (DERInteger)derObject;
+					auth.setVersionNumber(tag0.getValue().intValue());
+					break;
+				case 1:
+					DERGeneralString tag1 = (DERGeneralString)derObject;
+					auth.setClientRealm(new Realm(tag1.getString()));
+					break;
+				case 2:
+					DERSequence tag2 = (DERSequence)derObject;
+					auth.setClientName(decodePrincipalName(tag2));
+					break;
+				case 3:
+					DERSequence tag3 = (DERSequence)derObject;
+					auth.setChecksum(decodeChecksum(tag3));
+					break;
+				case 4:
+					DERInteger tag4 = (DERInteger)derObject;
+					auth.setClientMicroSecond(tag4.getValue().intValue());
+					break;
+				case 5:
+					DERGeneralizedTime tag5 = (DERGeneralizedTime)derObject;
+					auth.setClientTime(decodeKerberosTime(tag5));
+					break;
+				case 6:
+					DERSequence tag6 = (DERSequence) derObject;
+					auth.setSubSessionKey(decodeEncryptionKey(tag6));
+					break;
+				case 7:
+					DERInteger tag7 = (DERInteger)derObject;
+					auth.setSequenceNumber(tag7.getValue().intValue());
+					break;
+				case 8:
+					DERSequence tag8 = (DERSequence)derObject;
+					auth.setAuthorizationData(decodeAuthorizationData(tag8));
+					break;
+			    default:
+			    	System.out.println(derObject);
+			    	break;
+			}
+		}
+		return auth;
+	}
+}
+

Mime
View raw message